
RE: [PATCH v5 2/2] xen/x86: Livepatch: support patching CET-enhanced functions


  • To: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>, Bjoern Doebel <doebel@xxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Jiamei Xie <Jiamei.Xie@xxxxxxx>
  • Date: Thu, 17 Mar 2022 09:17:00 +0000
  • Cc: Michael Kurth <mku@xxxxxxxxx>, Martin Pohlack <mpohlack@xxxxxxxxx>, Roger Pau Monne <roger.pau@xxxxxxxxxx>, Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
  • Delivery-date: Thu, 17 Mar 2022 09:17:29 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi Bjoern,

> -----Original Message-----
> From: Xen-devel <xen-devel-bounces@xxxxxxxxxxxxxxxxxxxx> On Behalf Of
> Ross Lagerwall
> Sent: March 10, 2022 1:12
> To: Bjoern Doebel <doebel@xxxxxxxxx>; xen-devel@xxxxxxxxxxxxxxxxxxxx
> Cc: Michael Kurth <mku@xxxxxxxxx>; Martin Pohlack
> <mpohlack@xxxxxxxxx>; Roger Pau Monne <roger.pau@xxxxxxxxxx>;
> Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>; Konrad Rzeszutek Wilk
> <konrad.wilk@xxxxxxxxxx>
> Subject: Re: [PATCH v5 2/2] xen/x86: Livepatch: support patching CET-
> enhanced functions
> 
> > From: Bjoern Doebel <doebel@xxxxxxxxx>
> > Sent: Wednesday, March 9, 2022 2:53 PM
> > To: xen-devel@xxxxxxxxxxxxxxxxxxxx <xen-devel@xxxxxxxxxxxxxxxxxxxx>
> > Cc: Michael Kurth <mku@xxxxxxxxx>; Martin Pohlack
> <mpohlack@xxxxxxxxx>; Roger Pau Monne <roger.pau@xxxxxxxxxx>;
> Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>; Bjoern Doebel
> <doebel@xxxxxxxxx>; Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>;
> Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
> > Subject: [PATCH v5 2/2] xen/x86: Livepatch: support patching CET-
> enhanced functions
> >
> > Xen enabled CET for supporting architectures. The control flow aspect of
> > CET expects functions that can be called indirectly (i.e., via function
> > pointers) to start with an ENDBR64 instruction. Otherwise a control flow
> > exception is raised.
> >
> > This expectation breaks livepatching flows because we patch functions by
> > overwriting their first 5 bytes with a JMP + <offset>, thus breaking the
> > ENDBR64. We fix this by checking the start of a patched function for
> > being ENDBR64. In the positive case we move the livepatch JMP to start
> > behind the ENDBR64 instruction.
> >
> > To avoid having to guess the ENDBR64 offset again on patch reversal
> > (which might race with other mechanisms adding/removing ENDBR
> > dynamically), use the livepatch metadata to store the computed offset
> > along with the saved bytes of the overwritten function.
> >
> > Signed-off-by: Bjoern Doebel <doebel@xxxxxxxxx>
> > Acked-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
> > CC: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>
> 
> Reviewed-by: Ross Lagerwall <ross.lagerwall@xxxxxxxxxx>

Tested-by: Jiamei xie <jiamei.xie@xxxxxxx>

Cheers, 
Jiamei
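
The mechanism described in the quoted commit message, sketched in user-space C as an added example (not code from the patch or from Xen): the jump is placed behind a leading ENDBR64, and revert relies on the offset recorded at apply time instead of probing the bytes again. `apply_patch`, `revert_patch`, `struct patch_meta` and the addresses and function bytes are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <string.h>
#define ENDBR64_LEN 4
#define JMP_LEN     5                       /* E9 opcode + rel32 */
static const uint8_t endbr64[ENDBR64_LEN] = { 0xf3, 0x0f, 0x1e, 0xfa };

/* Hypothetical metadata: overwritten bytes plus the offset chosen at apply time. */
struct patch_meta { uint8_t saved[JMP_LEN]; uint8_t offset; uint8_t applied; };

/* Write "JMP new_addr" into code (mapped at old_addr), behind ENDBR64 if present. */
int apply_patch(uint8_t *code, size_t size, uint64_t old_addr,
                uint64_t new_addr, struct patch_meta *m)
{
    size_t off = 0;
    if (size >= ENDBR64_LEN && memcmp(code, endbr64, ENDBR64_LEN) == 0)
        off = ENDBR64_LEN;                  /* keep the indirect-branch landing pad */
    if (m->applied || size < off + JMP_LEN)
        return -1;                          /* already patched, or no room for the JMP */
    /* rel32 is measured from the end of the JMP instruction. */
    int64_t delta = (int64_t)(new_addr - (old_addr + off + JMP_LEN));
    if (delta > INT32_MAX || delta < INT32_MIN)
        return -1;                          /* target not reachable with rel32 */
    int32_t rel = (int32_t)delta;
    memcpy(m->saved, code + off, JMP_LEN);  /* bytes to put back on revert */
    m->offset = (uint8_t)off;
    code[off] = 0xe9;
    memcpy(code + off + 1, &rel, sizeof(rel));
    m->applied = 1;
    return 0;
}

/* Restore from the recorded offset; never re-probe the bytes for ENDBR64 here. */
int revert_patch(uint8_t *code, struct patch_meta *m)
{
    if (!m->applied)
        return -1;
    memcpy(code + m->offset, m->saved, JMP_LEN);
    m->applied = 0;
    return 0;
}

int main(void)
{
    /* Constructed bytes: endbr64; push %rbp; mov %rsp,%rbp; nop; nop; ret */
    uint8_t fn[] = { 0xf3,0x0f,0x1e,0xfa, 0x55, 0x48,0x89,0xe5, 0x90,0x90, 0xc3 };
    struct patch_meta m = { 0 };
    if (apply_patch(fn, sizeof(fn), 0x1000, 0x2000, &m) || m.offset != ENDBR64_LEN)
        return 1;
    return revert_patch(fn, &m);
}
```

Because `revert_patch` reads `m->offset`, the saved bytes go back to the right place even if the ENDBR64 at the function start was rewritten while the patch was applied.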



 

